https://github.com/viralvaghela/specter

versatile red team simulation tool for testing browser-based attacks. It supports payloads like keylogging, screenshot capturing, webcam access, clipboard hijacking, geolocation tracking, and more
https://github.com/viralvaghela/specter

attack-simulation cybersecurity offensive-security redteam redteam-tools redteamer

Last synced: 4 months ago
JSON representation

versatile red team simulation tool for testing browser-based attacks. It supports payloads like keylogging, screenshot capturing, webcam access, clipboard hijacking, geolocation tracking, and more

• Host: GitHub
• URL: https://github.com/viralvaghela/specter
• Owner: viralvaghela
• License: mit
• Created: 2024-11-14T18:16:16.000Z (12 months ago)
• Default Branch: main
• Last Pushed: 2024-11-14T18:43:51.000Z (12 months ago)
• Last Synced: 2025-04-05T14:28:50.695Z (7 months ago)
• Topics: attack-simulation, cybersecurity, offensive-security, redteam, redteam-tools, redteamer
• Language: Python
• Homepage:
• Size: 20.5 KB
• Stars: 4
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Specter - Red Team Simulation Tool [ Still In a Development ]

**Specter** is a versatile and dynamic red team simulation tool designed to facilitate browser-based attacks for security assessments. This tool allows penetration testers to deliver and manage a wide variety of payloads, including:

- **Keylogger**: Capture and send keystrokes back to the server

- **Geolocation Tracking**: Retrieve and send the client's geographic location

- **Screenshot Capture**: Capture screenshots and send them back as Base64 images

- **Webcam Access**: Capture webcam images and send them back as Base64

- **Clipboard Hijack**: Retrieve clipboard content from the client

- **File Download**: Download files from a URL and send their content back

- **APK Download**: Trigger APK downloads from specified URLs

- **Speech-to-Text**: Convert spoken words into text on the client side

### Features

- **Browser-based payload execution**: Send custom or pre-defined JavaScript payloads directly to the client.

- **Base64 Encoded Data**: Supports payloads that send screenshots, webcam captures, and other data encoded in Base64 format.

- **Real-time interaction**: Receive real-time feedback from the client, including keystrokes, captured screenshots, and more.

- **Custom payloads**: Easily extend Specter with custom JavaScript payloads.

### Requirements

- Python 3.7+

- `websockets` library for WebSocket communication

- A web browser that supports JavaScript execution and WebSockets

### Installation

1. Clone this repository:

   ```bash

   git clone https://github.com/your-username/specter.git

   cd specter